Security & Fraud

Twitter Ad Targeting Bug Could Have Exposed User Data

Twitter Ad Targeting Bug Could Have Exposed User Data

Twitter has admitted to ad-targeting data breaches in regard to user permissions, according to reports.

The company said it found bugs that may have shared user information with advertisers even when users asked it not to do so.

“If you clicked or viewed an advertisement for a mobile application and subsequently interacted with the mobile application since May 2018, we may have shared certain data (e.g., country code, if you engaged with the ad and when, information about the ad, etc.) with trusted measurement and advertising partners, even if you didn't give us permission to do so,” the company said in a post explaining the issues.

The company also said that in the process of trying to show users better advertising on the platform, it may have shown ads “based on inferences we made about the devices you use, even if you did not give us permission to do so. The data involved stayed within Twitter and did not contain things like passwords, email accounts, etc.”

Twitter said it fixed the issues on Aug. 5, although it didn’t say when it realized the breaches were happening. The data leaks may have been happening since May of last year, which is also when the General Data Protection Regulation (GDPR) in Europe came into effect.

The social media company said it doesn’t share users’ names or other identifying characteristics with ad partners, but it does share what’s called a mobile device identifier, which is considered a unique identifier under GDPR rules. With the mobile identifier, Twitter and advertisers can track people’s internet activity, which allows for ad targeting.

Twitter’s admission of using inferences about interests based on tracking could also be another breach of GDPR, especially if users didn’t consent to being tracked. Most of the tracking is done through cookies, which collects data and leaves a sort of trail that links user history to products.

“What is there for you to do? Aside from checking your settings, we don't believe there is anything for you to do,” Twitter said. “You trust us to follow your choices and we failed here. We’re sorry this happened, and are taking steps to make sure we don’t make a mistake like this again. If you have any questions, you may contact Twitter's Office of Data Protection through this form.”

——————————

NEW PYMNTS DATA: HOW WE SHOP – SEPTEMBER 2020 

The How We Shop Report, a PYMNTS collaboration with PayPal, aims to understand how consumers of all ages and incomes are shifting to shopping and paying online in the midst of the COVID-19 pandemic. Our research builds on a series of studies conducted since March, surveying more than 16,000 consumers on how their shopping habits and payments preferences are changing as the crisis continues. This report focuses on our latest survey of 2,163 respondents and examines how their increased appetite for online commerce and digital touchless methods, such as QR codes, contactless cards and digital wallets, is poised to shape the post-pandemic economy.

TRENDING RIGHT NOW